1. Field of the Invention
The present invention relates generally to communication networks, and more particularly, but not exclusively, to techniques for identifying spam and/or malware.
2. Description of the Background Art
Problems associated with unsolicited messages in electronic mail systems and malware in computer systems are well documented. Unsolicited messages, also referred to as “spam,” are mass mailed by spammers to e-mail accounts over the Internet. Malware includes computer viruses, worms, phishing messages, and malicious scripts.
Various anti-spam and anti-malware techniques have been developed to combat spam and malware. For example, anti-spam software has been deployed in host computers to detect and block spam, and anti-virus software is commonly deployed in personal computers.
The domain name system (DNS) is a hierarchical naming system for resources on the Internet. A DNS blacklist (DNSBL) is a published list of known untrustworthy IP addresses (for example, those IP addresses linked to spamming) which may be checked to determine if an electronic mail (email) message is from an address known for sending out spam. Conversely, a DNS whitelist is a published list of known trustworthy IP addresses which may be used to avoid unnecessary false positive identifications of spam.